resend-integration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill follows security best practices by using environment variables (
process.env.RESEND_API_KEY) instead of hardcoding credentials. No sensitive file access or unauthorized data exfiltration was detected. - [Unverifiable Dependencies & Remote Code Execution] (SAFE): The code utilizes the official
resendNode.js package. No suspicious remote scripts or piped execution patterns (e.g., curl|bash) were found. - [Indirect Prompt Injection] (LOW): The skill exposes a vulnerability surface where untrusted external data could influence agent behavior if this integration is used in an automated pipeline.
- Ingestion points: The webhook handler in
/api/webhooks/resendprocesses incoming email content (event.data.subject,event.data.html,event.data.text) which is attacker-controlled. - Boundary markers: Absent; there are no delimiters or instructions to ignore embedded prompts within the forwarded email content.
- Capability inventory: The skill has the capability to send emails (
resend.emails.send) and manage audience contacts (resend.contacts.create). - Sanitization: Absent; the content is directly interpolated into an HTML template for forwarding, which could be exploited if a downstream agent or user processes the forwarded email.
Audit Metadata